VPS & Dedicated Servers (Hosting Control Center) Help

How to hide the SSH daemon

Secure Shell (SSH) is a network protocol that provides network services such as remote command-line logins and data communications. It creates a secure channel between an SSH client and a server running the SSH daemon, which listens on a particular port. However, an open SSH port represents a vulnerability that malicious users could potentially exploit to gain access to an SSH server. A system administrator can configure a firewall to hide the SSH daemon from unauthorized users while still allowing authorized users to connect to the server with SSH. This example configures the firewall with iptables, which is installed by default on a CentOS system.

DIFFICULTY

Basic - 1 | Medium - 2 | Advanced - 3

TIME REQUIRED

5 min

RELATED PRODUCTS

Linux-based VPS or dedicated servers

Here is a quick tutorial on how to hide the SSH daemon.

Show that the SSH daemon is currently visible

Enter the SSH command that will connect to the server. This example connects to the server at IP address 127.0.0.1 with the root user name:

# ssh root@127.0.0.1

Enter the password when prompted to confirm that the connection to the server has been made. Exit this session to return to the client.

Configure the firewall to block most traffic

Flush the existing rules for the firewall with this command:

# iptables -F

This rule tells the firewall to accept traffic from a connection that's already been established. Otherwise the firewall would block the current SSH session.

The firewall must allow persistent services that must always be running and visible to users. For example, this command allows traffic to a website that's being served on port 80, which is the default port for web servers:

# iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Use this command to block all connections that aren't specifically allowed:

# iptables -A INPUT -j DROP
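
The configuration steps above, collected into one script as an added example (not the article's own code): it writes the rules in iptables-restore format so the flush and the new rules load in one atomic step. The conntrack rule is an assumed form of the established-connection rule the text describes, and the SSH allowance for `203.0.113.10` (a constructed documentation address) goes beyond the article's steps to cover the authorized-user case from the introduction.

```sh
#!/bin/sh
# Added example (not from the article): emit the article's INPUT rules as one
# iptables-restore file. iptables-restore replaces the table's existing rules,
# which covers the article's flush step.

ADMIN_SRC="${ADMIN_SRC-203.0.113.10}"   # constructed documentation address
PUBLIC_PORTS="${PUBLIC_PORTS:-80}"      # port 80 is the article's example

# build_ruleset ADMIN_SRC PORT...
# Prints the filter table; an empty ADMIN_SRC hides SSH from every source.
build_ruleset() {
    admin_src=$1
    shift
    echo '*filter'
    # Built-in chain policies stay ACCEPT; the final DROP rule does the blocking.
    echo ':INPUT ACCEPT [0:0]'
    echo ':FORWARD ACCEPT [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Keep sessions that are already open, such as the current SSH login.
    # Assumed form: the article describes this rule without printing it.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    # Assumption beyond the article's steps: one trusted source may reach SSH.
    if [ -n "$admin_src" ]; then
        echo "-A INPUT -s $admin_src -p tcp --dport 22 -j ACCEPT"
    fi
    # Catch-all last, so every ACCEPT above is evaluated first.
    echo '-A INPUT -j DROP'
    echo 'COMMIT'
}

# "apply" loads the rules (root required); anything else only prints them.
case "${1:-print}" in
    apply) build_ruleset "$ADMIN_SRC" $PUBLIC_PORTS | iptables-restore ;;
    *)     build_ruleset "$ADMIN_SRC" $PUBLIC_PORTS ;;
esac
```

Run it with no argument to review the generated rules, and with `apply` as root to load them. Setting `ADMIN_SRC=""` reproduces the article's result, where SSH is unreachable from every address.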

Show that the SSH daemon is now hidden

Confirm that the SSH port is now closed by attempting to connect to the server again:

# ssh root@127.0.0.1

The above SSH command will eventually time out.
